Web application hacking is in a class of its own. While network- and system-related hacking focuses on gaining persistent presence on those systems or otherwise modifying their state, web pen testing is focused on fooling the server, client, or both into doing the attacker's bidding. Sure, you can try to pawn those servers or compromise the client or browser, but if you can get all you want from the exchange without establishing a permanent residence, why not? Injection attacks, which make a lot of web developers very nervous, are like a Jedi Mind Trick for web applications. With a wave of your hand (not literally, it is really just some effort on a keyboard), you can convince the server, client, or both to act in a way they would not otherwise. This may be done to give up data (as is believed to have happened in the Impact Team...
Germany
Slovakia
Canada
Brazil
Singapore
Hungary
Philippines
Mexico
Thailand
Ukraine
Luxembourg
Estonia
Lithuania
Norway
Chile
United States
Great Britain
India
Spain
South Korea
Ecuador
Colombia
Taiwan
Switzerland
Indonesia
Cyprus
Denmark
Finland
Poland
Malta
Czechia
New Zealand
Austria
Turkey
France
Sweden
Italy
Egypt
Belgium
Portugal
Slovenia
Ireland
Romania
Greece
Argentina
Malaysia
South Africa
Netherlands
Bulgaria
Latvia
Australia
Japan
Russia